#include "threadPool.h"

/*mysql用户注册步骤：
    1 输入用户名和密码
    2 随机生成salt,crypt(明文密码，salt)获取密文
    3 将用户名、salt、密文存入user_info表(insert into)

  mysql用户登录步骤：
    1 输入用户名和密码
    2 查user_info表是否已注册
    3 取出salt，crypt(明文密码，salt)获取密文(select)
    4 对比所得密文与表中保存密文是否一致
*/

void get_salt(char *salt)//随机生成salt
{   
    strcpy(salt,"$6$");
    int i , flag;
    srand(time(NULL));
    for(i = 3; i < 11 ; ++i){
        flag = rand()%3;
        switch(flag){
            case 0: salt[i] = rand()%26 + 'a'; break;
            case 1: salt[i] = rand()%26 + 'A'; break;
            case 2: salt[i] = rand()%10 + '0'; break;
        }
    }
}

int user_login(int netfd, cmd_t Cmd)
{  
    //处理Cmd结构体，提取出用户名和密码
    char name[512] = {0};
    char passwd[512] = {0};
    char salt[100] = {0};
    char cryptpasswd[200] = {0};
    char flag;//用于发送给客户端的标记，验证成功为1，失败为0
    int i , j;
    for(i = 0 ; Cmd.object[i] != '\n' && Cmd.object[i] ; ++i){
        name[i] = Cmd.object[i];
    }
    ++i;
    for(j = 0 ; Cmd.object[i] != '\n' && Cmd.object[i] ; ++i){
        passwd[j++] = Cmd.object[i];
    }
    //连接数据库
    MYSQL *db;
    int ret = mysqlconnect(&db);
    if(ret != 0){
        return -1;
    }
    //检查用户是否已存在，并取出salt与密文
    char query[1000] = {0};
    sprintf(query,"select id,salt,cryptpasswd from user_info where user = '%s'",name);
    do_query(query,&db);
    MYSQL_RES * result = mysql_store_result(db);
    my_ulonglong row_num = mysql_num_rows(result);
    if(row_num == 0){//用户名不存在
        flag = '0';
        send(netfd,&flag,sizeof(char),MSG_NOSIGNAL);
        mysql_close(db);
        return -1;
    }
    MYSQL_ROW row = mysql_fetch_row(result);
    strcpy(salt,row[1]);
    strcpy(cryptpasswd,row[2]);
    //调用crypt第二次获取密文，并与第一次所或密文对比,一致则向客服端发送成功flag，否则发送失败flag
    if(strcmp(cryptpasswd,crypt(passwd,salt)) == 0){
        flag = '2';
        printf("pass!\n");
        send(netfd,&flag,sizeof(char),MSG_NOSIGNAL);
        //登录成功，将user_id加入client_id数组
        client_id[netfd] = atoi(row[0]); 
        //printf("client_id[%d] = %d\n",netfd,client_id[netfd]);
        ret = 0;
    }     
    else{
        flag = '1';
        printf("wrong!\n");
        send(netfd,&flag,sizeof(char),MSG_NOSIGNAL);
        ret = -1;
    }
    mysql_free_result(result);
    mysql_close(db);
    return ret;
}

int user_signup(int netfd, cmd_t Cmd){
    //处理Cmd结构体，提取出用户名和密码
    char name[512] = {0};
    char passwd[512] = {0};
    char pwd[100] = "~/";//刚注册用户默认目录在家目录
    int i , j;
    for(i = 0 ; Cmd.object[i] != '\n' && Cmd.object[i] ; ++i){
        name[i] = Cmd.object[i];
    }
    ++i;
    for(j = 0 ; Cmd.object[i] != '\n' && Cmd.object[i] ; ++i){
        passwd[j++] = Cmd.object[i];
    }
    //生成salt并获得密文
    char salt[100] = {0};
    get_salt(salt);
    char *cryptpasswd;
    cryptpasswd = crypt(passwd,salt);
    //将用户名、salt、密文、pwd、code存入mysql
    MYSQL *db;
    int ret = mysqlconnect(&db);
    if(ret != 0){
        return -1;
    }
    char query[1000] = {0};
    sprintf(query,"insert into user_info (user,salt,cryptpasswd,pwd,code) values ('%s','%s','%s','%s',0);",name,salt,cryptpasswd,pwd);
    ret = do_query(query,&db);
    char flag;
    if(ret == -1){
        flag = '0';
        send(netfd,&flag,sizeof(char),MSG_NOSIGNAL);
    }
    else if(ret == 0){
        flag = '1';
        send(netfd,&flag,sizeof(char),MSG_NOSIGNAL);
    }
    mysql_close(db);
}